package com.frame.project.common.jwt;

import java.security.Key;
import java.util.Date;

import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwt;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

/**
 * JWT工具类
 * @author Administrator
 *
 */
public class JwtHelper {
	/**
	 * 解析jwt
	 */
	public static Claims parseJWT(String jsonWebToken, String base64Security){
			Claims claims = Jwts.parser()
					.setSigningKey(DatatypeConverter.parseBase64Binary(base64Security))
					.parseClaimsJws(jsonWebToken).getBody();
			return claims;
	}


	/**
	 * 构建jwt
	 */
	public static String createJWT(String name, String userId, String role,
			String audience, String issuer, long TTLMillis, String base64Security)
	{
		SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;

		//生成签名密钥
		byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(base64Security);
		Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());

		//添加构成JWT的参数
		JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT")
				.claim("role", role)
				.claim("username", name)
				.claim("userid", userId)
				.setIssuer(issuer)
				.setAudience(audience)
				.signWith(signatureAlgorithm, signingKey);
		//添加Token过期时间
		long nowMillis = System.currentTimeMillis();
		Date now = new Date(nowMillis);
		if (TTLMillis >= 0) {
			long expMillis = nowMillis + TTLMillis;
			Date exp = new Date(expMillis);
			builder.setExpiration(exp).setNotBefore(now);
		}

		//生成JWT
		return builder.compact();
	}
}
